30th September 2011
n4p1

Quote:
Originally Posted by ai-danno
I seem to remember having a problem with a PPPOE adsl connection and it didn't work properly until I adjusted the MTU.

Yes, you're right. I had this issue some time ago.

But even leaving only two lines in pf.conf:
Code:
ext_if1="pppoe0"
match on $ext_if1 scrub (max-mss 1440)
didn't make mpath work...

But there is good news... After reading tons of manuals, FAQs and forums, I finally solved my problem with a simple reply-to statement in pf.conf. Everything is easy now and works perfectly!

So the simple solution for two ISPs (no load balancing, no fail-over) with one default route is reply-to.
The most important parts of pf.conf:
Code:
ext_if1="pppoe0"
ext_gw1="xxxxxxx"
ext_if2="em0"
ext_gw2="xxxxxxx"
int_if="fxp0"

# MTU
match on $ext_if1 scrub (max-mss 1440)

# Upload limit
altq on $ext_if1 priq bandwidth 500Kb queue {up_std, up_prio}
queue up_prio priority 7
queue up_std priority 1 priq(default)

# Default policy
block in log all
block out log all
set block-policy drop

# loopback
set skip on lo

# NAT
pass out on $ext_if1 from 192.168.1.0/24 to any nat-to ($ext_if1)

# Allow anything from the internal network out onto the Internet
pass in quick on $int_if proto tcp from $int_if:network to any

# --- SSH in
# WAN1
pass in quick on $ext_if1 inet proto tcp from any to ($ext_if1) port 50022
# WAN2
pass in quick on $ext_if2 \
proto tcp from any to ($ext_if2) port 50022 \
reply-to ($ext_if2 $ext_gw2)
# --- SSH in

# --- WWW DMZ
# WAN1
pass in quick on $ext_if1 proto tcp from any to ($ext_if1) port 80 rdr-to 192.168.1.50 port 80
# WAN2
pass in quick on $ext_if2 \
proto tcp from any to ($ext_if2) port 80 \
rdr-to 192.168.1.50 port 80 \
reply-to ($ext_if2 $ext_gw2)
# INT_IF out
pass out quick on $int_if proto tcp from any to 192.168.1.50 port 80
# --- WWW DMZ
Thank you all for the help,
Regards.